Concept 16
ALE / SLE / ARO Calculations
Using SSCP risk formulas for expected loss.
These formulas are very important for SSCP exams.
SLE — Single Loss Expectancy
SLE is the amount of money lost from ONE incident.
Formula:
SLE = Asset Value × Exposure Factor
Terms:
- Asset Value (AV) = total value of the asset
- Exposure Factor (EF) = percentage of the asset's value lost in one incident
Example
A server is worth $50,000.
A fire may damage 40% of it.
Formula:
SLE = 50,000 × 0.4 = 20,000
SLE = $20,000
Meaning:
One fire incident could cost $20,000.
ARO — Annualized Rate of Occurrence
ARO means how many times a risk is expected to happen each year.
Example:
- Once every year = 1
- Once every 5 years = 0.2
- Twice a year = 2
Easy Memory Tip
ARO = “How often per year?”
ALE — Annualized Loss Expectancy
ALE estimates the yearly expected financial loss from a risk.
Formula:
ALE = SLE × ARO
Example
A ransomware attack:
- SLE = $20,000
- ARO = 0.5 (once every 2 years)
Formula:
ALE = 20,000 × 0.5 = 10,000
ALE = $10,000 per year
Meaning:
The organization expects to lose about $10,000 yearly from this risk.
Easy Formula Summary
- SLE = AV × EF = Loss from one incident
- ALE = SLE × ARO = Expected yearly loss
Super Important Exam Tip
SSCP questions often ask:
“What is the BEST risk treatment option?”
Usually:
- Avoidance removes the activity
- Mitigation reduces the risk
- Transfer shifts financial responsibility
- Acceptance means knowingly living with the risk
Understanding the differences clearly is much more important than only memorizing the definitions.